SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2394-1)

high Nessus Plugin ID 202176

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2394-1 advisory.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958.
- CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
- CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
- CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
- CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
- CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719).
- CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).
- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072).
- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
- CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
- CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1224552

https://bugzilla.suse.com/1224583

https://bugzilla.suse.com/1224588

https://bugzilla.suse.com/1224602

https://bugzilla.suse.com/1224603

https://bugzilla.suse.com/1224605

https://bugzilla.suse.com/1224612

https://bugzilla.suse.com/1224614

https://bugzilla.suse.com/1224619

https://bugzilla.suse.com/1224661

https://bugzilla.suse.com/1224662

https://bugzilla.suse.com/1224670

https://bugzilla.suse.com/1224671

https://bugzilla.suse.com/1224674

https://bugzilla.suse.com/1224677

https://bugzilla.suse.com/1224679

https://bugzilla.suse.com/1224696

https://bugzilla.suse.com/1224703

https://bugzilla.suse.com/1224712

https://bugzilla.suse.com/1224716

https://bugzilla.suse.com/1224719

https://bugzilla.suse.com/1224735

https://bugzilla.suse.com/1224749

https://bugzilla.suse.com/1224764

https://bugzilla.suse.com/1224765

https://bugzilla.suse.com/1224766

https://bugzilla.suse.com/1224935

https://bugzilla.suse.com/1224946

https://bugzilla.suse.com/1224951

https://bugzilla.suse.com/1225050

https://bugzilla.suse.com/1225098

https://bugzilla.suse.com/1225105

https://bugzilla.suse.com/1225300

https://bugzilla.suse.com/1225389

https://bugzilla.suse.com/1225391

https://bugzilla.suse.com/1225419

https://bugzilla.suse.com/1225426

https://bugzilla.suse.com/1225448

https://bugzilla.suse.com/1225452

https://bugzilla.suse.com/1225467

https://bugzilla.suse.com/1225475

https://bugzilla.suse.com/1225484

https://bugzilla.suse.com/1225487

https://bugzilla.suse.com/1225514

https://bugzilla.suse.com/1225518

https://bugzilla.suse.com/1225535

https://bugzilla.suse.com/1225585

https://bugzilla.suse.com/1225602

https://bugzilla.suse.com/1225611

https://bugzilla.suse.com/1225681

https://bugzilla.suse.com/1225692

https://bugzilla.suse.com/1225698

https://bugzilla.suse.com/1225699

https://bugzilla.suse.com/1225704

https://bugzilla.suse.com/1225714

https://bugzilla.suse.com/1225726

https://bugzilla.suse.com/1225732

https://bugzilla.suse.com/1225737

https://bugzilla.suse.com/1225749

https://bugzilla.suse.com/1225758

https://bugzilla.suse.com/1225759

https://bugzilla.suse.com/1225760

https://bugzilla.suse.com/1225767

https://bugzilla.suse.com/1225770

https://bugzilla.suse.com/1225823

https://bugzilla.suse.com/1225834

https://bugzilla.suse.com/1225840

https://bugzilla.suse.com/1225866

https://bugzilla.suse.com/1225872

https://bugzilla.suse.com/1225894

https://bugzilla.suse.com/1226022

https://bugzilla.suse.com/1226131

https://bugzilla.suse.com/1226145

https://bugzilla.suse.com/1226149

https://bugzilla.suse.com/1226155

https://bugzilla.suse.com/1226211

https://bugzilla.suse.com/1226212

https://bugzilla.suse.com/1226226

https://bugzilla.suse.com/1226514

https://bugzilla.suse.com/1226520

https://bugzilla.suse.com/1226537

https://bugzilla.suse.com/1226538

https://bugzilla.suse.com/1226539

https://bugzilla.suse.com/1226550

https://bugzilla.suse.com/1226552

https://bugzilla.suse.com/1226553

https://bugzilla.suse.com/1226554

https://bugzilla.suse.com/1226556

https://bugzilla.suse.com/1226557

https://bugzilla.suse.com/1226558

https://bugzilla.suse.com/1226559

https://bugzilla.suse.com/1226561

https://bugzilla.suse.com/1226562

https://bugzilla.suse.com/1226563

https://bugzilla.suse.com/1226564

https://bugzilla.suse.com/1226566

https://bugzilla.suse.com/1226567

https://bugzilla.suse.com/1226569

https://bugzilla.suse.com/1226572

https://bugzilla.suse.com/1226575

https://bugzilla.suse.com/1226576

https://bugzilla.suse.com/1226577

https://bugzilla.suse.com/1226579

https://bugzilla.suse.com/1226580

https://bugzilla.suse.com/1226841

https://bugzilla.suse.com/1226842

https://bugzilla.suse.com/1226848

https://bugzilla.suse.com/1226852

https://bugzilla.suse.com/1226857

https://bugzilla.suse.com/1226861

https://bugzilla.suse.com/1226863

https://bugzilla.suse.com/1226864

https://bugzilla.suse.com/1226867

https://bugzilla.suse.com/1226868

https://bugzilla.suse.com/1226876

https://bugzilla.suse.com/1226878

https://bugzilla.suse.com/1226883

https://bugzilla.suse.com/1226886

https://bugzilla.suse.com/1226890

https://bugzilla.suse.com/1226891

https://bugzilla.suse.com/1226895

https://bugzilla.suse.com/1226908

https://bugzilla.suse.com/1226915

https://bugzilla.suse.com/1226928

https://bugzilla.suse.com/1226948

https://bugzilla.suse.com/1226949

https://bugzilla.suse.com/1226950

https://bugzilla.suse.com/1226953

https://bugzilla.suse.com/1226962

https://bugzilla.suse.com/1226976

https://bugzilla.suse.com/1226992

https://bugzilla.suse.com/1226994

https://bugzilla.suse.com/1226996

https://bugzilla.suse.com/1227066

https://bugzilla.suse.com/1227096

https://bugzilla.suse.com/1227101

https://bugzilla.suse.com/1227103

https://bugzilla.suse.com/1227274

https://lists.suse.com/pipermail/sle-updates/2024-July/035907.html

https://www.suse.com/security/cve/CVE-2021-4439

https://www.suse.com/security/cve/CVE-2021-47089

https://www.suse.com/security/cve/CVE-2021-47432

https://www.suse.com/security/cve/CVE-2021-47515

https://www.suse.com/security/cve/CVE-2021-47534

https://www.suse.com/security/cve/CVE-2021-47538

https://www.suse.com/security/cve/CVE-2021-47539

https://www.suse.com/security/cve/CVE-2021-47555

https://www.suse.com/security/cve/CVE-2021-47566

https://www.suse.com/security/cve/CVE-2021-47571

https://www.suse.com/security/cve/CVE-2024-36937

https://www.suse.com/security/cve/CVE-2024-36940

https://www.suse.com/security/cve/CVE-2024-36945

https://www.suse.com/security/cve/CVE-2024-36949

https://www.suse.com/security/cve/CVE-2024-36960

https://www.suse.com/security/cve/CVE-2024-36964

https://www.suse.com/security/cve/CVE-2024-36965

https://www.suse.com/security/cve/CVE-2024-36967

https://www.suse.com/security/cve/CVE-2024-36969

https://www.suse.com/security/cve/CVE-2024-36971

https://www.suse.com/security/cve/CVE-2024-36975

https://www.suse.com/security/cve/CVE-2024-36978

https://www.suse.com/security/cve/CVE-2024-37021

https://www.suse.com/security/cve/CVE-2024-37078

https://www.suse.com/security/cve/CVE-2024-37354

https://www.suse.com/security/cve/CVE-2024-38381

https://bugzilla.suse.com/1156395

https://bugzilla.suse.com/1190336

https://bugzilla.suse.com/1191958

https://bugzilla.suse.com/1193883

https://bugzilla.suse.com/1194826

https://bugzilla.suse.com/1195065

https://bugzilla.suse.com/1195254

https://bugzilla.suse.com/1195341

https://bugzilla.suse.com/1195349

https://bugzilla.suse.com/1195775

https://bugzilla.suse.com/1196746

https://bugzilla.suse.com/1197915

https://bugzilla.suse.com/1198014

https://bugzilla.suse.com/1199295

https://bugzilla.suse.com/1202767

https://bugzilla.suse.com/1202780

https://bugzilla.suse.com/1205205

https://bugzilla.suse.com/1207361

https://bugzilla.suse.com/1217912

https://bugzilla.suse.com/1218148

https://bugzilla.suse.com/1218570

https://bugzilla.suse.com/1218820

https://bugzilla.suse.com/1219224

https://bugzilla.suse.com/1219633

https://bugzilla.suse.com/1219847

https://bugzilla.suse.com/1220368

https://bugzilla.suse.com/1220812

https://bugzilla.suse.com/1220958

https://bugzilla.suse.com/1221086

https://bugzilla.suse.com/1221282

https://bugzilla.suse.com/1221958

https://bugzilla.suse.com/1222015

https://bugzilla.suse.com/1222072

https://bugzilla.suse.com/1222080

https://bugzilla.suse.com/1222241

https://bugzilla.suse.com/1222254

https://bugzilla.suse.com/1222364

https://bugzilla.suse.com/1222893

https://bugzilla.suse.com/1223013

https://bugzilla.suse.com/1223018

https://bugzilla.suse.com/1223265

https://bugzilla.suse.com/1223384

https://bugzilla.suse.com/1223641

https://bugzilla.suse.com/1224020

https://bugzilla.suse.com/1224331

https://bugzilla.suse.com/1224488

https://bugzilla.suse.com/1224497

https://bugzilla.suse.com/1224498

https://bugzilla.suse.com/1224504

https://bugzilla.suse.com/1224520

https://bugzilla.suse.com/1224539

https://bugzilla.suse.com/1224540

https://bugzilla.suse.com/1226581

https://bugzilla.suse.com/1226582

https://bugzilla.suse.com/1226583

https://bugzilla.suse.com/1226585

https://bugzilla.suse.com/1226587

https://bugzilla.suse.com/1226588

https://bugzilla.suse.com/1226593

https://bugzilla.suse.com/1226595

https://bugzilla.suse.com/1226597

https://bugzilla.suse.com/1226601

https://bugzilla.suse.com/1226602

https://bugzilla.suse.com/1226603

https://bugzilla.suse.com/1226607

https://bugzilla.suse.com/1226610

https://bugzilla.suse.com/1226614

https://bugzilla.suse.com/1226616

https://bugzilla.suse.com/1226617

https://bugzilla.suse.com/1226618

https://bugzilla.suse.com/1226619

https://bugzilla.suse.com/1226621

https://bugzilla.suse.com/1226622

https://bugzilla.suse.com/1226624

https://bugzilla.suse.com/1226626

https://bugzilla.suse.com/1226628

https://bugzilla.suse.com/1226629

https://bugzilla.suse.com/1226632

https://bugzilla.suse.com/1226633

https://bugzilla.suse.com/1226634

https://bugzilla.suse.com/1226637

https://bugzilla.suse.com/1226643

https://bugzilla.suse.com/1226644

https://bugzilla.suse.com/1226645

https://bugzilla.suse.com/1226647

https://bugzilla.suse.com/1226650

https://bugzilla.suse.com/1226653

https://bugzilla.suse.com/1226657

https://bugzilla.suse.com/1226658

https://bugzilla.suse.com/1226669

https://bugzilla.suse.com/1226670

https://bugzilla.suse.com/1226672

https://bugzilla.suse.com/1226673

https://bugzilla.suse.com/1226674

https://bugzilla.suse.com/1226675

https://bugzilla.suse.com/1226678

https://bugzilla.suse.com/1226679

https://bugzilla.suse.com/1226683

https://bugzilla.suse.com/1226685

https://bugzilla.suse.com/1226686

https://bugzilla.suse.com/1226690

https://bugzilla.suse.com/1226691

https://bugzilla.suse.com/1226692

https://bugzilla.suse.com/1226693

https://bugzilla.suse.com/1226696

https://bugzilla.suse.com/1226697

https://bugzilla.suse.com/1226698

https://bugzilla.suse.com/1226699

https://bugzilla.suse.com/1226701

https://bugzilla.suse.com/1226702

https://bugzilla.suse.com/1226703

https://bugzilla.suse.com/1226704

https://bugzilla.suse.com/1226705

https://bugzilla.suse.com/1226706

https://bugzilla.suse.com/1226708

https://bugzilla.suse.com/1226709

https://bugzilla.suse.com/1226710

https://bugzilla.suse.com/1226711

https://bugzilla.suse.com/1226712

https://bugzilla.suse.com/1226713

https://bugzilla.suse.com/1226715

https://bugzilla.suse.com/1226716

https://bugzilla.suse.com/1226718

https://bugzilla.suse.com/1226719

https://bugzilla.suse.com/1226720

https://bugzilla.suse.com/1226721

https://bugzilla.suse.com/1226730

https://bugzilla.suse.com/1226732

https://bugzilla.suse.com/1226734

https://bugzilla.suse.com/1226735

https://bugzilla.suse.com/1226737

https://bugzilla.suse.com/1226738

https://bugzilla.suse.com/1226739

https://bugzilla.suse.com/1226740

https://bugzilla.suse.com/1226744

https://bugzilla.suse.com/1226746

https://bugzilla.suse.com/1226747

https://bugzilla.suse.com/1226749

https://bugzilla.suse.com/1226754

https://bugzilla.suse.com/1226762

https://bugzilla.suse.com/1226764

https://bugzilla.suse.com/1226767

https://bugzilla.suse.com/1226768

https://bugzilla.suse.com/1226769

https://bugzilla.suse.com/1226771

https://bugzilla.suse.com/1226774

https://bugzilla.suse.com/1226777

https://bugzilla.suse.com/1226780

https://bugzilla.suse.com/1226781

https://bugzilla.suse.com/1226785

https://bugzilla.suse.com/1226786

https://bugzilla.suse.com/1226789

https://bugzilla.suse.com/1226791

https://bugzilla.suse.com/1226839

https://bugzilla.suse.com/1226840

https://www.suse.com/security/cve/CVE-2021-47572

https://www.suse.com/security/cve/CVE-2021-47576

https://www.suse.com/security/cve/CVE-2021-47577

https://www.suse.com/security/cve/CVE-2021-47578

https://www.suse.com/security/cve/CVE-2021-47580

https://www.suse.com/security/cve/CVE-2021-47582

https://www.suse.com/security/cve/CVE-2021-47583

https://www.suse.com/security/cve/CVE-2021-47584

https://www.suse.com/security/cve/CVE-2021-47585

https://www.suse.com/security/cve/CVE-2021-47586

https://www.suse.com/security/cve/CVE-2021-47587

https://www.suse.com/security/cve/CVE-2021-47589

https://www.suse.com/security/cve/CVE-2021-47592

https://www.suse.com/security/cve/CVE-2021-47595

https://www.suse.com/security/cve/CVE-2021-47596

https://www.suse.com/security/cve/CVE-2021-47597

https://www.suse.com/security/cve/CVE-2021-47600

https://www.suse.com/security/cve/CVE-2021-47601

https://www.suse.com/security/cve/CVE-2021-47602

https://www.suse.com/security/cve/CVE-2021-47603

https://www.suse.com/security/cve/CVE-2021-47604

https://www.suse.com/security/cve/CVE-2021-47605

https://www.suse.com/security/cve/CVE-2021-47607

https://www.suse.com/security/cve/CVE-2021-47608

https://www.suse.com/security/cve/CVE-2021-47609

https://www.suse.com/security/cve/CVE-2021-47610

https://www.suse.com/security/cve/CVE-2021-47611

https://www.suse.com/security/cve/CVE-2021-47612

https://www.suse.com/security/cve/CVE-2021-47614

https://www.suse.com/security/cve/CVE-2021-47615

https://www.suse.com/security/cve/CVE-2021-47616

https://www.suse.com/security/cve/CVE-2021-47617

https://www.suse.com/security/cve/CVE-2021-47618

https://www.suse.com/security/cve/CVE-2021-47619

https://www.suse.com/security/cve/CVE-2021-47620

https://www.suse.com/security/cve/CVE-2022-48711

https://www.suse.com/security/cve/CVE-2022-48712

https://www.suse.com/security/cve/CVE-2022-48713

https://www.suse.com/security/cve/CVE-2022-48714

https://www.suse.com/security/cve/CVE-2022-48715

https://www.suse.com/security/cve/CVE-2022-48716

https://www.suse.com/security/cve/CVE-2022-48717

https://www.suse.com/security/cve/CVE-2022-48718

https://www.suse.com/security/cve/CVE-2022-48720

https://www.suse.com/security/cve/CVE-2022-48721

https://www.suse.com/security/cve/CVE-2022-48722

https://www.suse.com/security/cve/CVE-2022-48723

https://www.suse.com/security/cve/CVE-2022-48724

https://www.suse.com/security/cve/CVE-2022-48725

https://www.suse.com/security/cve/CVE-2022-48726

https://www.suse.com/security/cve/CVE-2022-48727

https://www.suse.com/security/cve/CVE-2022-48728

https://www.suse.com/security/cve/CVE-2022-48729

https://www.suse.com/security/cve/CVE-2022-48730

https://www.suse.com/security/cve/CVE-2022-48732

https://www.suse.com/security/cve/CVE-2022-48733

https://www.suse.com/security/cve/CVE-2022-48734

https://www.suse.com/security/cve/CVE-2022-48735

https://www.suse.com/security/cve/CVE-2022-48736

https://www.suse.com/security/cve/CVE-2022-48737

https://www.suse.com/security/cve/CVE-2022-48738

https://www.suse.com/security/cve/CVE-2022-48739

https://www.suse.com/security/cve/CVE-2022-48740

https://www.suse.com/security/cve/CVE-2022-48743

https://www.suse.com/security/cve/CVE-2022-48744

https://www.suse.com/security/cve/CVE-2022-48745

https://www.suse.com/security/cve/CVE-2022-48746

https://www.suse.com/security/cve/CVE-2022-48747

https://www.suse.com/security/cve/CVE-2022-48748

https://www.suse.com/security/cve/CVE-2022-48749

https://www.suse.com/security/cve/CVE-2022-48751

https://www.suse.com/security/cve/CVE-2022-48752

https://www.suse.com/security/cve/CVE-2022-48753

https://www.suse.com/security/cve/CVE-2022-48754

https://www.suse.com/security/cve/CVE-2022-48755

https://www.suse.com/security/cve/CVE-2022-48756

https://www.suse.com/security/cve/CVE-2022-48758

https://www.suse.com/security/cve/CVE-2022-48759

https://www.suse.com/security/cve/CVE-2022-48760

https://www.suse.com/security/cve/CVE-2022-48761

https://www.suse.com/security/cve/CVE-2022-48763

https://www.suse.com/security/cve/CVE-2022-48765

https://www.suse.com/security/cve/CVE-2022-48766

https://www.suse.com/security/cve/CVE-2022-48767

https://www.suse.com/security/cve/CVE-2022-48768

https://www.suse.com/security/cve/CVE-2022-48769

https://www.suse.com/security/cve/CVE-2022-48770

https://www.suse.com/security/cve/CVE-2022-48771

https://www.suse.com/security/cve/CVE-2022-48772

https://www.suse.com/security/cve/CVE-2023-24023

https://www.suse.com/security/cve/CVE-2023-52622

https://www.suse.com/security/cve/CVE-2023-52658

https://www.suse.com/security/cve/CVE-2023-52667

https://www.suse.com/security/cve/CVE-2023-52670

https://www.suse.com/security/cve/CVE-2023-52672

https://www.suse.com/security/cve/CVE-2023-52675

https://www.suse.com/security/cve/CVE-2023-52735

https://www.suse.com/security/cve/CVE-2023-52737

https://www.suse.com/security/cve/CVE-2023-52752

https://www.suse.com/security/cve/CVE-2023-52766

https://www.suse.com/security/cve/CVE-2023-52784

https://www.suse.com/security/cve/CVE-2023-52787

https://www.suse.com/security/cve/CVE-2023-52800

https://www.suse.com/security/cve/CVE-2023-52835

https://www.suse.com/security/cve/CVE-2023-52837

https://www.suse.com/security/cve/CVE-2023-52843

https://www.suse.com/security/cve/CVE-2023-52845

https://www.suse.com/security/cve/CVE-2023-52846

https://www.suse.com/security/cve/CVE-2023-52869

https://www.suse.com/security/cve/CVE-2023-52881

https://www.suse.com/security/cve/CVE-2023-52882

https://www.suse.com/security/cve/CVE-2023-52884

https://www.suse.com/security/cve/CVE-2024-26625

https://www.suse.com/security/cve/CVE-2024-26644

https://www.suse.com/security/cve/CVE-2024-26720

https://www.suse.com/security/cve/CVE-2024-26842

https://www.suse.com/security/cve/CVE-2024-26845

https://www.suse.com/security/cve/CVE-2024-26923

https://www.suse.com/security/cve/CVE-2024-26973

https://www.suse.com/security/cve/CVE-2024-27432

https://www.suse.com/security/cve/CVE-2024-33619

https://www.suse.com/security/cve/CVE-2024-35247

https://www.suse.com/security/cve/CVE-2024-35789

https://www.suse.com/security/cve/CVE-2024-35790

https://www.suse.com/security/cve/CVE-2024-35807

https://www.suse.com/security/cve/CVE-2024-35814

https://www.suse.com/security/cve/CVE-2024-35835

https://www.suse.com/security/cve/CVE-2024-35848

https://www.suse.com/security/cve/CVE-2024-35857

https://www.suse.com/security/cve/CVE-2024-35861

https://www.suse.com/security/cve/CVE-2024-35862

https://www.suse.com/security/cve/CVE-2024-35864

https://www.suse.com/security/cve/CVE-2024-35869

https://www.suse.com/security/cve/CVE-2024-35878

https://www.suse.com/security/cve/CVE-2024-35884

https://www.suse.com/security/cve/CVE-2024-35886

https://www.suse.com/security/cve/CVE-2024-35896

https://www.suse.com/security/cve/CVE-2024-35898

https://www.suse.com/security/cve/CVE-2024-35900

https://www.suse.com/security/cve/CVE-2024-35905

https://www.suse.com/security/cve/CVE-2024-35925

https://www.suse.com/security/cve/CVE-2024-35950

https://www.suse.com/security/cve/CVE-2024-35956

https://www.suse.com/security/cve/CVE-2024-35958

https://www.suse.com/security/cve/CVE-2024-35960

https://www.suse.com/security/cve/CVE-2024-35962

https://www.suse.com/security/cve/CVE-2024-35997

https://www.suse.com/security/cve/CVE-2024-36005

https://www.suse.com/security/cve/CVE-2024-36008

https://www.suse.com/security/cve/CVE-2024-36017

https://www.suse.com/security/cve/CVE-2024-36020

https://www.suse.com/security/cve/CVE-2024-36021

https://www.suse.com/security/cve/CVE-2024-36025

https://www.suse.com/security/cve/CVE-2024-36477

https://www.suse.com/security/cve/CVE-2024-36478

https://www.suse.com/security/cve/CVE-2024-36479

https://www.suse.com/security/cve/CVE-2024-36890

https://www.suse.com/security/cve/CVE-2024-36894

https://www.suse.com/security/cve/CVE-2024-36899

https://www.suse.com/security/cve/CVE-2024-36900

https://www.suse.com/security/cve/CVE-2024-36904

https://www.suse.com/security/cve/CVE-2024-36915

https://www.suse.com/security/cve/CVE-2024-36916

https://www.suse.com/security/cve/CVE-2024-36917

https://www.suse.com/security/cve/CVE-2024-36919

https://www.suse.com/security/cve/CVE-2024-36934

https://www.suse.com/security/cve/CVE-2024-38388

https://www.suse.com/security/cve/CVE-2024-38390

https://www.suse.com/security/cve/CVE-2024-38540

https://www.suse.com/security/cve/CVE-2024-38541

https://www.suse.com/security/cve/CVE-2024-38544

https://www.suse.com/security/cve/CVE-2024-38545

https://www.suse.com/security/cve/CVE-2024-38546

https://www.suse.com/security/cve/CVE-2024-38547

https://www.suse.com/security/cve/CVE-2024-38548

https://www.suse.com/security/cve/CVE-2024-38549

https://www.suse.com/security/cve/CVE-2024-38550

https://www.suse.com/security/cve/CVE-2024-38552

https://www.suse.com/security/cve/CVE-2024-38553

https://www.suse.com/security/cve/CVE-2024-38555

https://www.suse.com/security/cve/CVE-2024-38556

https://www.suse.com/security/cve/CVE-2024-38557

https://www.suse.com/security/cve/CVE-2024-38559

https://www.suse.com/security/cve/CVE-2024-38560

https://www.suse.com/security/cve/CVE-2024-38564

https://www.suse.com/security/cve/CVE-2024-38565

https://www.suse.com/security/cve/CVE-2024-38567

https://www.suse.com/security/cve/CVE-2024-38568

https://www.suse.com/security/cve/CVE-2024-38571

https://www.suse.com/security/cve/CVE-2024-38573

https://www.suse.com/security/cve/CVE-2024-38578

https://www.suse.com/security/cve/CVE-2024-38579

https://www.suse.com/security/cve/CVE-2024-38580

https://www.suse.com/security/cve/CVE-2024-38581

https://www.suse.com/security/cve/CVE-2024-38582

https://www.suse.com/security/cve/CVE-2024-38583

https://www.suse.com/security/cve/CVE-2024-38587

https://www.suse.com/security/cve/CVE-2024-38590

https://www.suse.com/security/cve/CVE-2024-38591

https://www.suse.com/security/cve/CVE-2024-38594

https://www.suse.com/security/cve/CVE-2024-38597

https://www.suse.com/security/cve/CVE-2024-38599

https://www.suse.com/security/cve/CVE-2024-38600

https://www.suse.com/security/cve/CVE-2024-38601

https://www.suse.com/security/cve/CVE-2024-38603

https://www.suse.com/security/cve/CVE-2024-38605

https://www.suse.com/security/cve/CVE-2024-38608

https://www.suse.com/security/cve/CVE-2024-38616

https://www.suse.com/security/cve/CVE-2024-38618

https://www.suse.com/security/cve/CVE-2024-38619

https://www.suse.com/security/cve/CVE-2024-38621

https://www.suse.com/security/cve/CVE-2024-38627

https://www.suse.com/security/cve/CVE-2024-38630

https://www.suse.com/security/cve/CVE-2024-38633

https://www.suse.com/security/cve/CVE-2024-38634

https://www.suse.com/security/cve/CVE-2024-38635

https://www.suse.com/security/cve/CVE-2024-38659

https://www.suse.com/security/cve/CVE-2024-38661

https://www.suse.com/security/cve/CVE-2024-38780

https://www.suse.com/security/cve/CVE-2024-39301

https://www.suse.com/security/cve/CVE-2024-39468

https://www.suse.com/security/cve/CVE-2024-39469

https://www.suse.com/security/cve/CVE-2024-39471

Plugin Details

Severity: High

ID: 202176

File Name: suse_SU-2024-2394-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 7/11/2024

Updated: 9/10/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-38630

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_13_61-rt, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/10/2024

Vulnerability Publication Date: 11/14/2023

CISA Known Exploited Vulnerability Due Dates: 8/28/2024

Reference Information

CVE: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471

SuSE: SUSE-SU-2024:2394-1